Description
The Insecure field in ServiceOption struct (pkg/rpc/client/client.go) is defined but never used.
https://github.com/aquasecurity/trivy/blob/749f72680bbd42295688ae00c6f3d14b04addb09/pkg/rpc/client/client.go#L26-L31
type ServiceOption struct {
RemoteURL string
Insecure bool // <- This field is unused
CustomHeaders http.Header
PathPrefix string
}
Background
The Insecure option is already configured at the transport level via xhttp.SetDefaultTransport() in pkg/commands/artifact/run.go:
xhttp.SetDefaultTransport(xhttp.NewTransport(xhttp.Options{
Insecure: cliOptions.Insecure,
CACerts: cliOptions.CACerts,
Timeout: cliOptions.Timeout,
TraceHTTP: cliOptions.TraceHTTP,
}))
Since xhttp.Client() uses the default transport, the Insecure setting is automatically applied. Therefore, ServiceOption.Insecure is redundant and can be safely removed.
Proposed Solution
- Remove the
Insecure field from ServiceOption struct in pkg/rpc/client/client.go
- Update any code that sets this field (if any)
References
Description
The
Insecurefield inServiceOptionstruct (pkg/rpc/client/client.go) is defined but never used.https://github.com/aquasecurity/trivy/blob/749f72680bbd42295688ae00c6f3d14b04addb09/pkg/rpc/client/client.go#L26-L31
Background
The
Insecureoption is already configured at the transport level viaxhttp.SetDefaultTransport()inpkg/commands/artifact/run.go:Since
xhttp.Client()uses the default transport, theInsecuresetting is automatically applied. Therefore,ServiceOption.Insecureis redundant and can be safely removed.Proposed Solution
Insecurefield fromServiceOptionstruct inpkg/rpc/client/client.goReferences